nanog mailing list archives
Re: Impacts of Encryption Everywhere (any solution?)
From: Lee Howard <lee.howard () retevia net>
Date: Tue, 29 May 2018 10:55:18 -0400
On 05/28/2018 10:23 AM, Mike Hammett wrote:
Has anyone outside of tech media, Silicon Valley or academia (all places wildly out of touch with the real world) put much thought into the impacts of encryption everywhere?
See "Effects of Pervasive Encryption on Operators." https://datatracker.ietf.org/doc/draft-mm-wg-effect-encrypt/?include_text=1TLS1.3 uses ephemeral keys, so even if you own both endpoints and everything in the middle, you can't decrypt a flow without some yet-to-be-developed technology.
QUIC encrypts everything, and of course, HTTPS.
So often we hear about how we need the best modern encryption on all forms of communication because of whatever scary thing is trendy this week (Russia, NSA, Google, whatever). HTTPS your marketing information and generic education pieces because of the boogeyman! However, I recently came across a thread where someone was exploring getting a one megabit connection into their village and sharing it among many. The crowd I referenced earlier also believes you can't Internet under 100 megabit/s per home.
Yeah. Too many people forget that most of the Internet is mobile, and mobile != LTE. People also assume packet loss < 0.1%, latency <100ms, and power reliability >99%.
A proxy is all I've thought of. But it means everything is dependent on the proxy, and it's even in-path for things that really should be encrypted, like email and messaging. I can't imagine why the weather should be encrypted, when everyone in a location wants to know the forecast.However, this could be wildly improved with caching ala squid or something similar. The problem is that encrypted content is difficult to impossible for your average Joe to cache. The rewards for implementing caching are greatly mitigated and people like this must suffer a worse Internet experience because of some ideological high horse in a far-off land. Some things certainly do need to be encrypted, but encrypting everything means people with limited Internet access get worse performance OR mechanisms have to be out in place to break ALL encryption, this compromising security and privacy when it's really needed. To circle back to being somewhat on-topic, what mechanisms are available to maximize the amount of traffic someone in this situation could cache? The performance of third-world Internet depends on you.
Lee
Current thread:
- Re: Impacts of Encryption Everywhere (any solution?) Lee Howard (Jun 05)
- Re: Impacts of Encryption Everywhere (any solution?) Mike Hammett (Jun 16)
- Re: Impacts of Encryption Everywhere (any solution?) nanog (Jun 16)
- Message not available
- Re: Impacts of Encryption Everywhere (any solution?) nanog (Jun 17)
- Re: Impacts of Encryption Everywhere (any solution?) Michael Hallgren (Jun 17)
- Re: Impacts of Encryption Everywhere (any solution?) Brad (Jun 17)
- Re: Impacts of Encryption Everywhere (any solution?) Mike Hammett (Jun 17)
- Re: Impacts of Encryption Everywhere (any solution?) Lee Howard (Jun 19)
- Re: Impacts of Encryption Everywhere (any solution?) George Herbert (Jun 19)
- Re: Impacts of Encryption Everywhere (any solution?) Mike Hammett (Jun 19)
- Re: Impacts of Encryption Everywhere (any solution?) Michael Crapse (Jun 19)
- Re: Impacts of Encryption Everywhere (any solution?) nanog (Jun 16)
- Re: Impacts of Encryption Everywhere (any solution?) Mike Hammett (Jun 16)